Opentalent
/
app


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
							import {
  createMongoAbility,
  type ExtractSubjectType,
  type Subject,
  type SubjectRawRule,
} from '@casl/ability'
import AbilityBuilder from '~/services/rights/abilityBuilder'
import { useAccessProfileStore } from '~/stores/accessProfile'
import { useOrganizationProfileStore } from '~/stores/organizationProfile'
import type { MongoQuery } from '@ucast/mongo'
import type { AccessProfile } from '~/types/interfaces'
import type OrganizationProfile from '~/models/Organization/OrganizationProfile'

export const ability = createMongoAbility()

export default defineNuxtPlugin(() => {
  const accessProfile = useAccessProfileStore()
  const organizationProfile = useOrganizationProfileStore()

  // Initialisation, nécessaire pour que l'update des habilités soit correcte après la phase SSR
  ability.update(accessProfile.abilities as SubjectRawRule<string, ExtractSubjectType<Subject>, MongoQuery>[])

  const abilityUtils = new AbilityBuilder(
    ability,
    accessProfile as unknown as AccessProfile,
    organizationProfile as unknown as OrganizationProfile,
  )

  // TODO: voir si on peut se passer du listener
  // TODO: clarifier l'ordre des opérations de maj des profils et des droits
  /**
   * Au moment où l'on effectue une action organizationProfileStore.setProfile, il faut aller récupérer
   * les différentes habilités que l'utilisateur peut effectuer. (Tout cela se passe en SSR)
   *
   * @see https://pinia.vuejs.org/core-concepts/actions.html#Subscribing-to-actions
   */
  const unsubscribe = organizationProfile.$onAction(
    ({
      name, // name of the action
      after, // hook after the action returns or resolves
    }) => {
      after((_) => {
        if (name === 'initiateProfile') {
          // On construit les habilités et on les enregistre dans le store
          // noinspection UnnecessaryLocalVariableJS
          const abilities = abilityUtils.buildAbilities()
          accessProfile.abilities = abilities

          // Unsubscribe pour éviter les memory leaks
          unsubscribe()
        }
      })
    },
  )
})